Getting started with Splunk

I often get questions from industry, peers, clients, and interested students about how to get started with Splunk. While the Splunk Fundamentals I class is excellent (and free), its primary focus is on using Splunk, with the assumption that you already have a working Splunk environment. Since this is not something everyone necessarily has access to, it has inspired me to create this guide with a different approach.

When I’m learning something new, I like to experience the product hands-on. This allows me to try it out, get it running, see what it can do, and understand how it works in my own environment. So, I wanted there to be something that would match this process in terms of introducing concepts in a real-world way that are relevant to us as Splunk administrators (e.g. getting Splunk up and running, bringing in data, and actually using real data).

Ready to become a Splunk hero?

This class is my attempt to provide a relatively straightforward approach to learning many of the basic Splunk administration tasks. My hope is that by the end you will leave being more familiar with how to set up and run Splunk.

While this course is primarily intended for those who are new to Splunk administration, it’ll be a good refresher for anyone who wants some guidance on building a Splunk lab environment as well. This class is unique in that it doesn’t require you to have any Splunk experience (or even a Splunk environment) to get started. I’ll walk you through building your own Splunk lab environment, show you how to onboard data, and then we’ll use that Splunk instance to complete the remaining activities in the class.

Questions or other useful commentary? You know where to find me.

I’m looking forward to helping you on your journey to becoming a Splunk administrator and making this amazing product work for you. If you have any questions about the class or suggestions for improvement, don’t hesitate to drop me a comment below.